The following blog post, unless otherwise noted, was written by a member of Gamasutra’s community.
The thoughts and opinions expressed are those of the writer and not Gamasutra or its parent company.

As any developer knows, the mobile game economy is like a virtual version of the “Wild West.” There are huge opportunities and loose rules as rapid growth outpaces the industry’s ability to enforce restrictions. It’s an exciting landscape, but one that attracts its fair share of bandits. Fraudsters - mobile gamers who use bots, scripts, and proxies to avoid in-game purchases, or who hack into games’ code to skip levels - are becoming a widespread problem that affects developers.

The good news is that it’s well within our reach to limit fraud in mobile games – even fraud that extends beyond the advertising realm. Taking action is the most important first step in protecting your game and monetization strategy. Unsure where to start? Here is a three-pronged, anti-fraud strategy recommended for all developers:

Monitor, Analyze, Block: The Anti-Fraud Trifecta

1.Monitoring: While protecting your game from fraud is most effective when all stakeholders - publishers, platforms, ad networks, and payment providers – contribute, you can have a huge individual impact as a developer. A good place to start is to use a high-quality monitoring system that keep tabs on your traffic and prevents users from creating fake accounts.

Good monitoring systems detect suspicious traffic using a variety of indicators: user information, third-party scoring information, country, IP, ISP, language, and device attributes and specifics. Systems should be designed in such a way that suspicious but legitimate users are also detected. A certain number of false positives are a sign of a monitoring system that’s loose enough to detect suspicious behavior, whereas zero false positives might indicate that the wrong triggers are being measured.

Also ensure that your partners, such as ad networks and payment providers, are informed of your measures so that they can adjust on their end, as well.

2. Manual analysis & blocking: Fraud protection will always require some manual effort. Good monitoring systems should point out suspicious traffic automatically, but manual analysis on a regular basis will reveal fraudulent behavioral patterns that can then be used to design more advanced blocking rules.

Analysis can even give insight into the behavior of special user segments like whales or power users, whose large-transaction, high-frequency behavioral patterns might appear similar to those of fraudsters.

3. Automatic blocking: Automatic blocking rules are time-effective and convenient – that is, if the blocking rules are based on solid data. Smart blocking rules are based on prior analysis and designed to identify and block fraudulent users who employ bots or scripts.

Automatic blocking system should treat users differently based on their level of suspicion, implementing additional protection rules to especially suspicious users. These rules should also block fraud as late as possible in the transaction process. Fraudsters who can immediately gauge whether their attempts at fraud are successful are more likely to continue attempting fraud, while fraudulent users who are forced to wait for a response are less likely to invest time in adjusting their bots or scripts and reattempting.

A fraud protection system based on the synergies of monitoring, analysis, and blocking won’t only pinpoint fraud, but also minimize users’ inclination to commit it in the first place. By implementing preventive mechanisms throughout the user flow of your game, cheating the system becomes evermore difficult and time-consuming. Having your users play your game the way you intended – and enjoy the experience – might just become the new result.